CVE-2025-32706

HIGH KEV

Microsoft Windows 10 1507 - Improper Input Validation

Title source: rule

Description

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

References (4)

Scores

CVSS v3 7.8
EPSS 0.0130
EPSS Percentile 79.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-05-13
VulnCheck KEV 2025-05-13
ENISA EUVD EUVD-2025-14441
CWE
CWE-20
Status published
Products (16)
microsoft/windows_10_1507 < 10.0.10240.21014
microsoft/windows_10_1607 < 10.0.14393.8066
microsoft/windows_10_1809 < 10.0.17763.7314 (2 CPE variants)
microsoft/windows_10_21h2 < 10.0.19044.5854
microsoft/windows_10_22h2 < 10.0.19045.5854
microsoft/windows_11_22h2 < 10.0.22621.5335
microsoft/windows_11_23h2 < 10.0.22631.5335
microsoft/windows_11_24h2 < 10.0.26100.3981
microsoft/windows_server_2008
microsoft/windows_server_2008 r2 sp1
... and 6 more
Published May 13, 2025
KEV Added May 13, 2025
Tracked Since Feb 18, 2026